- Leadership Return on Investment (ROI) - A Touchy Security Topic
ROI in finance means income-generating return, but security prevents loss rather than creating wealth. Vendors misuse "ROI" to justify expenses as "investments." ROSI calculations rely on annualized...
- Malware Advanced Persistent Threat (APT) - A Touchy Security Topic
APT causes heated debates because it's become a marketing buzzword. Some define it as an attack process with certain characteristics (the "What" group), while Mandiant uses it for specific...
- Communication The Lure of Notoriety for Information Security Experts
If an expert makes a discovery that improves security, can they make a difference if no one hears about it? On-line presence builds professional reputation, but pursuing notoriety diverts attention...
- Training What is a Cybersecurity Expert?
Three types of security experts: specialists with superior performance in domains like forensics or network defense, generalists with extensive business understanding, and architects who piece...
- Incident Response Incorporating Mobile Devices into Enterprise Security
Enterprise security hasn't kept up with consumerization—powerful mobile devices often have VPN access and email but lack mature OS security controls. Organizations need greater network segmentation,...
- Cloud Cloud Makes Security More Affordable for Smaller Companies
Cloud computing's pay-per-use billing model makes enterprise security technologies affordable for SMBs who couldn't justify large upfront purchases. Converting capital expenditure to operating...